Cyber-crisis management

Cyber-crisis management committee exercises to prepare for a cyber attack

A cyber attack often catches companies unprepared and causes more damage than if an overarching crisis team had reacted professionally to hackers' IT attacks. This is why RiskWorkers trains current and future IT staff members so that they can learn how to handle espionage software, ransomware or a logic bomb. This safety training ensures that your company is best-placed to defend itself against IT attacks, thanks to IT staff being trained using crisis management committee exercises.

How does a cyber attack do damage?

IT attacks can be roughly divided into two categories: data theft and data destruction. The former type aims to steal data or assets from a company. These cyber attacks see hackers use spyware or social engineering methods such as CEO fraud, which involves them attempting to trigger financial transactions or expose a company’s secrets. Key companies are frequently the targets of invasive APT (advanced persistent threat) attacks, which burrow deep into their IT infrastructure.

Attackers from the second category are not interested in a company’s data. They want to do damage or extort money. They use ransomware to threaten to encrypt data if the victim is not prepared to meet their ransom demands. A logic bomb turns a dissatisfied employee into a threat: he or she could delete all the data they can get their hands on at a particular point in time.

How RiskWorkers prepares the IT crisis management team

RiskWorkers conducts corporate cyber crisis management team exercises in which we confront a company’s IT crisis staff with simulated attacks. These realistic simulations give information on how effectively current and future members of the IT crisis management team deal with cyber attacks in an emergency. It is not only employees who are put to the test: the established processes to defend against attacks of this nature are also checked. Is everything up to date? Can anything be improved? Can they be scaled-up enough to match the company’s growth? In short, we give the IT crisis management team the opportunity to test out an emergency scenario without putting the company’s assets in danger.

Example scenarios

Scenario I:

Selected managers all receive a threatening email at the same time. The email tells them that employees’ personal information will be encrypted if a ransom is not paid within 24 hours. Two days later, backdoor malware encrypts files on 200 client systems.

Scenario II:
Advanced Persistent Threat

Spyware is introduced using social engineering, and gives attackers administrative rights to privilege escalation. Next, attackers use lateralisation to gain access to other parts of the IT infrastructure. After the cyber attack, important business secrets are sent via encrypted DNS backchannels until they are discovered by chance.

Scenario III:
Logic Bomb

An employee is at risk of losing his job. Out of frustration he installs a logic bomb on one of the company’s server. It will start to delete saved files at a pre-defined point in time.

Contact us to find out how we use simulations like these and others to shore up your cyber defences.